From: frantz@netcom.com (Bill Frantz)
Date: Fri, 3 May 1996 14:28:27 +0800
To: cypherpunks@toad.com
Subject: Re: [Fwd: Cylink can export 128-bit DH?]
Message-ID: <199605022252.PAA01524@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:55 AM 5/2/96 -0700, Ian Goldberg wrote:
>Bill Frantz <frantz@netcom.com> wrote:
>>As far as I know, DES is DES, domestic or export.  If your DES
>>interoperates with domestic DES (or popular implementations available on
>>non-US servers), then you have DES.
>
>Not quite.  CDMF key shortening was designed by IBM to shrink a 56-bit DES
>key to 40 bits, suitable for export.  See AC2, page 366.  I heard a rumour
>that CDMF is in SET, but I'm not sure how much that makes sense.

I can find no evidence in Draft 2/23/96 of SET for 40bit DES keys.  (BTW, I
would not call CDMF DES, but this may be merely quibbling.)  On page 31, it
says, "The DES key format follows FIPS 46: it contains 56 bits of keying
material and eight optional check bits."

Since SET is very careful to not deal with anything but the financial
aspects of online commerce, they can probably get a license for export
under the current rules.  (SET only includes a SHA hash of the "contract",
calculated by both the cardholder and the merchant in its encrypted
content.  Both versions must match for the transaction to be authorized.)

Regards - Bill


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA